Add: specific system user for levr.porzh.me

2025-10-09 18:40:13 +02:00 · 2025-10-09 18:40:13 +02:00 · 5deefc17b2
commit 5deefc17b2
parent 441cd5eff9
2 changed files with 21 additions and 3 deletions
--- a/config/globals.nix
+++ b/config/globals.nix
@ -35,6 +35,7 @@
      home = "/var/lib/services/levr";
      build = "/var/lib/www/levr";
      url = "levr.porzh.me";
      user = "levr";
    };
    outline = {
      url = "notes.porzh.me";
--- a/modules/sites/levr.porzh.me.nix
+++ b/modules/sites/levr.porzh.me.nix
@ -11,7 +11,7 @@ in {
      Type = "oneshot";
      WorkingDirectory = globals.services.levr.home ;
      ExecStart = ''${pkgs.hugo}/bin/hugo --minify build -d ${globals.services.levr.build}'';
-      User = "lomig";
+      User = "levr";
    };
  };
  systemd.timers.hugo-build = {
@ -28,7 +28,7 @@ in {
      Type = "oneshot";
      WorkingDirectory = globals.services.levr.home;
      ExecStart = "${pkgs.git}/bin/git pull origin master";
-      User = "lomig";
+      User = "levr";
    };
    environment = {
      PATH = lib.mkForce "${pkgs.openssh}/bin";
@ -60,4 +60,21 @@ in {
      };
    };
  };
-                   }
+  users = {
    users = {
      "${globals.services.levr.user}" = {
        isSystemUser = true ;
        group = globals.services.levr.user ;
        home = globals.services.levr.home ;
        createHome = true ;
        description = "User for hugo-blog builds and deployments";
      };
    };
    groups.${globals.services.levr.user} = {};
  };
  systemd.tmpfiles.rules = [
    "d ${globals.services.levr.home} 0755 levr levr -"
    "d ${globals.services.levr.build} 0755 levr levr -"
  ];
 }